25 Oct NGR Tech Series
In our NGR Tech Series we are sharing aspects that we believe are important and have been proactively working on to build strong value for our new and existing customers, Grower and Data Subscribers alike.
Penetration Testing - what is it and why do it?
Penetration Testing is a process where an organisation is engaged to discover any vulnerabilities and risks included in your system – their job is to act as a hacker on behalf of your company.
As our digital footprint continues to evolve in both work and personal spheres every day, it is critically important to take digital security seriously. We all know to lock our car when parking it and not share our usernames and passwords, but it is harder to see and understand what vulnerabilities exist within your code and infrastructure. This is where Penetration Testing comes in to assist with finding those blind spots and ensuring they are known and can be addressed before the worst happens.
As advocates for industry-leading data security, we believe that all organisations we work with should also employ penetration testing practices to ensure all aspects of their platform is secure.
Engagement & Value
We believe that it is imperative to deliver value for both our new and existing customers. So far, this commitment has seen the rollout of the SGA Self Declaration, Commodity Vendor Declaration and the up and coming new Harvest Declaration eDOCS alongside the eagerly awaited myNGR+.
All of these products have been designed and delivered with industry consultation and engagement. With updates based on User feedback (both Grower and Industry) prioritised and considered in consultation with industry as the primary step, before developments are implemented.
Getting the balance between industry engagement and providing customer value right only comes from a thorough understanding of the needs, challenges and future vision of our users.
Without knowing the problems, we cannot provide solutions. Without understanding the needs or desires of customers, we cannot increase the value and relevance of our offerings.
Ways of Working
We have been building a ‘Ways of Working’ over the past two years to standardise the way we approach all projects, upgrades, enhancements and issues. The ‘Ways of Working’ will never be complete and will ongoingly evolve as we try new approaches, apply learnings and continue to adjust and refine.
Engagement and Value are crucial aspects of our ‘Ways of Working’. Authentic engagement takes both time and effort, as we try to remain transparent about what we are doing and why, to ensure we maintain a level of involvement by our customers.
We feel that without engagement we cannot deliver on our vision to build connections throughout the Agricultural industry with robust quality data, advanced platforms and empowered business relationships for a strong technology-driven future.
Value is the lynchpin for why we do what we do. Through engagement with the industry, we gain an understanding of needs and how we can assist in delivering the highest levels of value for both Growers and Data Subscribers. Once the value can be quantified, we are able to make decisions on a variety of other aspects within the ‘Ways of Working’ approach to ensure the right fixes/products are in place at the right time to deliver a solution.
The Importance of Owning Your Own Systems, Processes and IP
You wouldn’t buy a car and leave the engine at the dealership, but so many organisations build tools, systems and apps leaving the code, documentation and designs on the ‘kerbside’, only focused on receiving the final product.
This approach can lead to significant issues if not addressed, and ultimately requires you to spend more time and money on redoing work already completed and available to your staff and customers. However owning your own systems, processes and IP can change all of this in today’s digital age. So how do you do ‘own’ your assets?
1. The first step is ensuring your suppliers and contractors have agreements in place that cover your IP rights and all parties understand the need for you to have all collateral at the end of the project, not just the completed product.
2. Have the tools available to store the collateral in a usable way, whether this be a code repository, a UI tool kit, document management system etc. Being provided the assets is one thing, but ensuring they can be stored properly and reused in the future is the most important aspect.
3. Undertake an audit or end of project review to ensure all final copies have been accounted for is vital. This is also a chance to, where relevant, ensure access has been turned off or un-required copies have been securely destroyed protecting your investment even further.
With all of your systems, processes and IP secure in your owned environment, the ability to progress forward becomes clearer and easier regardless of what decision you need to make next.